BanManager WebUI 1.5.8 - PHP Code Injection

BanManager WebUI 1.5.8 - PHP Code Injection & Stored XSS Exploit Title: BanManager WebUI - PHP Code Injection & Stored XSS Date: 2017-05-10 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: https://github.com/BanManagement/BanManager-WebUI Software Link:...

Moodle Remote Code Execution (CVE-2017-2641)

A remote code execution vulnerability exists in Moodle. The vulnerability is due to object injection through a legacy user preferences setting. A remote attacker can exploit this vulnerability to execute PHP code at the vulnerable Moodle server...

SyntaxHighlight 2.0 MediaWiki 1.28.0 Stored Cross Site Scripting Vulnerability

A vulnerability was found in the SyntaxHighlight MediaWiki extension. Using this vulnerability it is possible for an anonymous attacker to pass arbitrary options to the Pygments library. By specifying specially crafted options, it is possible for an attacker to trigger a stored cross site scripti...

October CMS 1.0.412 - Multiple Vulnerabilities

October CMS 1.0.412 - Multiple Vulnerabilities October CMS v1.0.412 several vulnerabilities Information =========== Name: October CMS v1.0.412 build 412 Homepage: http://octobercms.com Vulnerability: several issues, including PHP code execution Prerequisites: attacker has to be authenticated user...

phpMyAdmin 4.6.x < 4.6.3 Multiple Vulnerabilities (PMASA-2016-17 - PMASA-2016-28)

According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.6.x prior to 4.6.3. It is, therefore, affected by the following vulnerabilities: - A flaw exists in the setup/frames/index.inc.php script that allows an unauthenticated, remote attacker ...

phpMyAdmin 4.0.x < 4.0.10.16 Multiple Vulnerabilities (PMASA-2016-17, PMASA-2016-22 - PMASA-2016-24, PMASA-2016-26 - PMASA-2016-28)

According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.16. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the setup/frames/index.inc.php script that allows an unauthenticated, remote...

October CMS 1.0.412 - Multiple Vulnerabilities

October CMS v1.0.412 several vulnerabilities Information =========== Name: October CMS v1.0.412 build 412 Homepage: http://octobercms.com Vulnerability: several issues, including PHP code execution Prerequisites: attacker has to be authenticated user with media or asset management permission CVE:...

CVE-2016-4862

Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remote authenticated users to execute arbitrary PHP code on the servers...

CVE-2016-4862

The CVE-2016-4862 issue affects the Twigmo add-on shipped with CS-Cart v4.3.9 and earlier (and CS-Cart Multi-Vendor v4.3.9 and earlier). The vulnerability is a PHP object injection flaw caused by unserializing untrusted input in Twigmo, enabling a remote authenticated user to execute arbitrary PH...

October CMS 1.0.412 Code Execution / Shell Upload Vulnerabilities

Exploit for php platform in category web applications October CMS v1.0.412 several vulnerabilities Information =========== Name: October CMS v1.0.412 build 412 Homepage: http://octobercms.com Vulnerability: several issues, including PHP code execution Prerequisites: attacker has to be authenticat...

October CMS 1.0.412 Code Execution / Shell Upload

October CMS v1.0.412 several vulnerabilities Information =========== Name: October CMS v1.0.412 build 412 Homepage: http://octobercms.com Vulnerability: several issues, including PHP code execution Prerequisites: attacker has to be authenticated user with media or asset management permission CVE:...

Symphony CMS <= 2.6.11 RCE Vulnerability

Symphony CMS is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2015-6567

Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/filemanager/browse/ aka the filemanager does not validate the parameter "filename" properly. Exploitation requires a registered user who has access to upload functionality...

CVE-2015-6568

Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/filemanager/browse/ aka the filemanager does not prevent a change of a file extension to ".php" after originally using the parameter "filename" for uploading a JPEG image. Exploitation requires a...

Unrestricted file upload

Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/filemanager/browse/ aka the filemanager does not prevent a change of a file extension to ".php" after originally using the parameter "filename" for uploading a JPEG image. Exploitation requires a...

Unrestricted file upload

Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/filemanager/browse/ aka the filemanager does not validate the parameter "filename" properly. Exploitation requires a registered user who has access to upload functionality...

CVE-2015-6568

Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/filemanager/browse/ aka the filemanager does not prevent a change of a file extension to ".php" after originally using the parameter "filename" for uploading a JPEG image. Exploitation requires a...

CVE-2015-6567

CVE-2015-6567 affects Wolf CMS prior to 0.8.3.1. The vulnerability arises in admin/plugin/file_manager/browse (the file manager) where the filename parameter is not properly validated, enabling an authenticated user with upload rights to upload arbitrary files and potentially execute PHP code on ...

CVE-2015-6568

Wolf CMS before 0.8.3.1 is vulnerable to an unrestricted file upload that allows changing a file’s extension to .php via admin/plugin/file_manager/browse/, enabling PHP code execution. Exploitation requires a registered user with upload access. The issue is addressed in Wolf CMS 0.8.3.1 (release ...

Remote code execution

Remote Code Execution vulnerability in symphony/content/content.blueprintsdatasources.php in Symphony CMS through 2.6.11 allows remote attackers to execute code and get a webshell from the back-end. The attacker must be authenticated and enter PHP code in the datasource editor or event editor...